A fresh install of Ubuntu 8.03 Hardy Heron (like most linux distributions) does not come with flash pre-installed. When you use Firefox to navigate to a site that has flash, in true Ubuntu fashion, a message will be displayed asking you if you want to install it. The problem is that there are 3 different options to choose from and nothing that really tells you which is what. The choices are:

- Swfdec player for Adobe/Macromedia Flash
- Adobe Flash Player (Installer)
- Gnash SWF Player

Swfdec player is the default player, so I decided to install it without thought. As it turns out, Swfdec is an open source alternative to Adobe’s Flash Player. It installed fine, but has some interesting things to it. For one, it blocks all flash content on a web page and replaces it with a gray box. You must click the gray box before the flash object will load. Youtube videos seem to play just fine, but the volume control doesn’t work. Most other flash objects on the web, aside from basic menus, do not load properly.

Adobe Flash Player is what should be default in my opinion. It is not open source which is probably what kept it out of the number 1 spot but is probably what novice users want. When I uninstalled Swfdec and installed this, everything seemed to load and work as I’ve come to expect.

Gnash is another open source flash player but doesn’t seem as good as Swfdec. I would wait on installing this until the development matures more.

I really wish Ubuntu included some thing that told the user about each option instead of making them research it on their own. So if you are like I was and sitting there wondering what the difference is, I hope this helps.

Original post So the tech just left my house and guess what? Yeah, not my gateway. He had to add an amplifier because the signal isn't coming into the house strong enough. Here's a screen shot of my status page again. Notice how the Downstream power is now perfect. ...

First off, we got some new computers at work that have the ATI Radeon 2400 HD Pro video cards. I wish I would have done some research when I had the specs for the new machines because I would have found out that ATI cards don't get along with ...

Because I am currently managing both Housing and ResTek servers (separate entities, similar needs), I’ve been trying to find a few ways to share resources between them. My manager also requested that the staff over at Housing be able to access the ResTek wiki (and maybe vise versa).

Thanks to former administrator Gordon, Housing servers were switched from SLES to FreeBSD, which is what most of our ResTek servers are. The setups now are really similar, with one exception being the fact that ResTek uses LDAP (PAM+NSS) for authentication and other things. Housing is still using local accounts because there hasn’t been a need to move to LDAP.

The goal was to add accounts for Housing employees into our ResTek LDAP directory, and then eventually share things like our wiki, Nagios, etc.

To accomplish this, I simply created another group (posixGroup) in our directory: cn=webteam. All of our ResTek employees have a primary group of cn=restek. All Housing “web team” members would have a primary group of ‘webteam.’

This seems simple enough, but there was one problem, and that was for special cases like myself, that needed to be in both groups (to access both resources). In other words, I needed a way to make myself a member of ‘webteam’ without it being a primary group. That is as simple as adding my short user name to the group’s entry as a memberUid attribute. So, we end up with something like the following (abbreviated):

Groups:

cn=restek,ou=Group,dc=restek,dc=wwu,dc=edu
gidNumber: 5000
memberUid: jonny

cn=webteam,ou=Group,dc=restek,dc=wwu,dc=edu
gidNumber: 4000
memberUid: kian

People:

uid=kian,ou=People,dc=restek,dc=wwu,dc=edu
gidNumber: 5000

uid=jonny,ou=People,dc=restek,dc=wwu,dc=edu
gidNumber: 4000

What does this result in? Kian’s primary group will be ‘restek’, and he will also be a member of ‘webteam’. Jonny’s primary group will be ‘webteam’, but he’ll be a member of the ‘restek’ group too.

Now, to allow Webteam Jonny into our Nagios page, the following can be added to Apache’s httpd.conf:

<directory "/usr/local/www/nagios/">
    Options All

    Order allow,deny
    Allow from all

    Include etc/apache22/ldap-auth-base.conf
    require valid-user
</directory>

ldap-auth-base.conf:

# Don't want people to be allowed to authenticate insecurely
SSLRequireSSL

AuthType Basic
AuthBasicProvider ldap
AuthName "ResTek Login"
AuthLDAPURL "ldap://ldap.restek.wwu.edu/ou=People,dc=restek,dc=wwu,dc=edu?uid??" TLS
AuthLDAPBindDN "cn=BINDUSER,dc=restek,dc=wwu,dc=edu"
AuthLDAPBindPassword SUPERSECRETPASSWORD
# group members are short names (uid), not full distinguished names
AuthLDAPGroupAttributeIsDN off
AuthLDAPGroupAttribute memberUid

In other words, any valid user will be allowed to log in. If we want to restrict it to members of the ‘restek’ group (primary OR secondary, we would do the following instead:

Include etc/apache22/ldap-auth-base.conf
require ldap-attribute gidNumber=5000
require ldap-group cn=restek,ou=Group

In other news, we’ve moved our IDS/monitoring tools off of our firewalls and onto a separate OpenBSD server. All of our WAN traffic is mirrored from the router onto the second interface of that server, where the monitoring tools listen. It’s helping reduce the CPU load on our firewalls a bit, and is also probably a better practice security-wise.

I've been arguing with comcast for months and months now because my connection at home drops multiple times a day for anywhere from a few seconds to 30 minutes to an hour. They have not once sent a tech out to take a look at things, they just immediately ...

As I get further into my major, I find it interesting to see what research is being done by others in the same department. Networkworld recently had a post about 25 leading-edge IT research projects from universities across the nation. Here are some of my personal favorites:

Real Bandwidth Management
Computer Scientists at the University of California at San Diego are looking at ways to have a TCP-based bandwidth management system that works across global networks.

With our system, an organization with mirrored Web sites or other services across the globe could dynamically shift its bandwidth allocations between sites based on demand.

Universities could benefit from this technology greatly as they could have main campuses unused bandwidth of the evenings be shifted over to their residence halls and then reallocated in the morning. This would give students living on campus an extra boost of bandwidth and it wouldn’t cost a thing.

Finding pictures of needles in haystacks
Researchers at Penn State have created software that tags your images for you as you upload them to Yahoo’s flickr. These automatically generated tags change depending on how users interact with your photos.

“Tagging itself is challenging as it involves converting an image’s pixels to descriptive words,” said James Wang, lead researcher and associate professor of information sciences and technology, in a statement. “But what is novel with the ‘Tagging over Time’ or T/T technology is that the system adapts as people’s preferences for images and words change.”

People have a lot of photos online and I think this would be a really neat solution to tagging all those photos. Uploading photos wouldn’t be such a pain and searching for the photos you have uploaded would be even easier. Plus it would be interesting to see how people interact with your photos.

No its not another cellphone, it’s a new web browser. Thats right, AT&T has decided to enter the world of web browsers throwing a very 3Dish feel to the experience. The name is Pogo and while the Beta release is currently closed from the public, they have an interesting flash preview on their site. From the looks of it, it seems very resource intensive but depending now how its implemented it should be very exciting. The demo shows it running on Windows XP, no word about other operating systems though. Speaking of no word, their site has no system requirements listed either. It is still in Beta though so we shall see. Something to keep an eye on anyway.

I find it interesting how most operating systems (read: Windows/Mac) try to hide files. For example, when you install a new program, do you really know what is going on? Sure you can specify a path for the main components but the shared DLL (Dynamic Link Library) files are thrown all over the place, registry keys are added, and in the end you are just amazed the program actually works. Sometimes this is good as the novice computer user probably shouldn’t be modifing these files, but if you are like me then it bugs you to not know where stuff is on your own computer.

The good folks over on the Defensive Computing blog recently made an interesting post about how to find Firefox plug-ins. This is definitely good information when you are trying to uninstall a plug-in and it leaves files behind. I would also suggest taking a look at it even if you don’t really need to modify these files. Knowing how to access key components in Firefox can only help your understanding of the browser.

I’ve had several people ask me what my favorite text editor is. For those that are new to the field, there is some what of an incessant war over “the best text editor” between those in the IT field. The two main contenders are Vim and Emacs. This post isn’t meant to be a comparison between the two editors as there are plenty of those pages already on the internet. Instead I’d like to take a minute and explain why I choose Vim, and hopefully enlighten those that are new to the topic.

First of all, I’m sure there are those that are wondering who cares. It’s just a text editor after all. It’s not like you are writing a paper or editing full blown documents right? To most people this may be very true but to a programmer it’s not “just a text editor”. I do all my programming (no matter what language it is) in my text editor. This means almost all school work, ResTek work, and leisure programming. So for a program that is so often used, you might start to see how there could be some debate about which is better than the other.

For me, I choose Vim. Vim does take a little getting use to, I wont lie. You move the cursor around by the H, J, K, and L buttons. There are editing modes, and more options than anyone could possibly memorize. I’ve been using the program for over a year now and I probably know less than half the commands. The main thing I do like about it is that its terminal based (there is a GUI (Graphical User Interface) version if you are interested though). This means that I can open it and work when in SSH (Secure Shell) sessions. Vim also has syntax highlighting for most programming languages and a built in spell checker.

Vim may not be the editor with the most friendly learning curve but if you are looking for a lightweight, powerful editor then you should give Vim a try.

Our System Administrator here at WWU has a blog that I was browsing earlier and he pointed to an interesting article about Generation Y in the work place. As I am part of this generation I found it to be particularly interesting. In a nutshell the article talks about how we are entering the workplace with more information, greater technological skill and higher expectations of ourselves and others than prior generations, and yet at the same time we have an inability to take criticism. We are the product of positive thinking where “everyone is a winner”.

With the attitude that my generation has, it will be interesting to see how company paradigms will change to reflect this new way of thinking.